module.exports = (options) => {
  const { exclude } = options;
  return async (ctx, next) => {
    const originalUrl = ctx.request.url;
    const flag = exclude.some((it) => originalUrl.includes(it));
    if (flag) {
      await next();
      return false;
    }
    const token = ctx.cookies.get('token', { signed: false });
    let decode = null;
    if (token !== 'null' && token) {
      try {
        decode = ctx.app.jwt.verify(token, ctx.app.config.jwt.secret); // 验证token
      } catch (error) {
        ctx.body = ctx.response.authenticattionError('token验证失败');
        return;
      }
      await next();
    } else {
      ctx.body = ctx.response.authenticattionError('token已过期，请重新登录');
      return;
    }
  };
};
